Number of packets processed before initiating CHILD_SA rekeying. CHILD_SA rekeying refreshes key material, optionally using a Diffie-Hellman exchange if a group is specified in the proposal.
To avoid rekey collisions initiated by both ends simultaneously, a value in the range of rand_packets gets subtracted to form the effective soft packet count limit.
Packet count based CHILD_SA rekeying is disabled by default.
StrongSwan default: 0
Declarations
Type
null or signed integerDefault
null